[ale] Security and OSS

Pete Hardie pete.hardie at gmail.com
Fri Feb 19 12:16:11 EST 2010


On Fri, Feb 19, 2010 at 11:04, Dustin Puryear <dpuryear at puryear-it.com> wrote:
> As far as "conflating bugs with security flaws", I think the two are generally highly related with the exception that security flaws can sometimes be the result of a design issue or a specific bug (implementation issue).
>
> In other words, I think you can generally relate the two.

But the key takeaway from "with enough eyes, all bugs are shallow"
isn't that lots of people = no bugs, but that lots of people = someone
will figure out a correct answer.

All security flaws are bugs, but not all bugs are security flaws.

-- 
Pete Hardie
--------
Better Living Through Bitmaps


More information about the Ale mailing list